# | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail. |
32551 | CVE-2016-0773 | 119 | | DoS Overflow | 2016-02-17 | 2017-12-08 | 5.0 | None | Remote | Low | Not required | None | None | Partial |
PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9.4.x before 9.4.6, and 9.5.x before 9.5.1 allows remote attackers to cause a denial of service (infinite loop or buffer overflow and crash) via a large Unicode character range in a regular expression. |
32552 | CVE-2016-0772 | 693 | | Bypass | 2016-09-02 | 2018-01-04 | 5.8 | None | Remote | Medium | Not required | Partial | Partial | None |
The smtplib library in CPython (aka Python) before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2 does not return an error when StartTLS fails, which might allow man-in-the-middle attackers to bypass the TLS protections by leveraging a network position between the client and the registry to block the StartTLS command, aka a "StartTLS stripping attack." |
32553 | CVE-2016-0771 | 119 | | DoS Overflow +Info | 2016-03-13 | 2016-12-02 | 4.9 | None | Remote | Medium | Single system | Partial | None | Partial |
The internal DNS server in Samba 4.x before 4.1.23, 4.2.x before 4.2.9, 4.3.x before 4.3.6, and 4.4.x before 4.4.0rc4, when an AD DC is configured, allows remote authenticated users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory by uploading a crafted DNS TXT record. |
32554 | CVE-2016-0770 | 79 | | XSS | 2017-03-16 | 2017-03-17 | 4.3 | None | Remote | Medium | Not required | None | Partial | None |
Cross-site scripting (XSS) vulnerability in includes/admin/pages/manage.php in the Connections Business Directory plugin before 8.5.9 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s variable. |
32555 | CVE-2016-0769 | 89 | | Exec Code Sql | 2017-01-23 | 2017-01-26 | 6.5 | None | Remote | Low | Single system | Partial | Partial | Partial |
Multiple SQL injection vulnerabilities in eshop-orders.php in the eShop plugin 6.3.14 for WordPress allow (1) remote administrators to execute arbitrary SQL commands via the delid parameter or remote authenticated users to execute arbitrary SQL commands via the (2) view, (3) mark, or (4) change parameter. |
32556 | CVE-2016-0768 | 284 | | | 2017-06-06 | 2017-06-13 | 5.0 | None | Remote | Low | Not required | Partial | None | None |
PostgreSQL PL/Java after 9.0 does not honor access controls on large objects. |
32557 | CVE-2016-0767 | 284 | | | 2017-06-06 | 2017-06-13 | 4.0 | None | Remote | Low | Single system | None | Partial | None |
PostgreSQL PL/Java before 1.5.0 allows remote authenticated users with USAGE permission on the public schema to alter the public schema classpath. |
32558 | CVE-2016-0765 | 79 | | XSS | 2017-01-23 | 2017-01-26 | 4.3 | None | Remote | Medium | Not required | None | Partial | None |
Multiple cross-site scripting (XSS) vulnerabilities in eshop-orders.php in the eShop plugin 6.3.14 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) page or (2) action parameter. |
32559 | CVE-2016-0764 | 362 | | +Info | 2017-07-17 | 2017-07-21 | 2.1 | None | Local | Low | Not required | Partial | None | None |
Race condition in Network Manager before 1.0.12 as packaged in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7 allows local users to obtain sensitive connection information by reading temporary files during ifcfg and keyfile changes. |
32560 | CVE-2016-0763 | 264 | | DoS Bypass | 2016-02-24 | 2018-06-01 | 6.5 | None | Remote | Low | Single system | Partial | Partial | Partial |
The setGlobalContext method in org/apache/naming/factory/ResourceLinkFactory.java in Apache Tomcat 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M3 does not consider whether ResourceLinkFactory.setGlobalContext callers are authorized, which allows remote authenticated users to bypass intended SecurityManager restrictions and read or write to arbitrary application data, or cause a denial of service (application disruption), via a web application that sets a crafted global context. |
32561 | CVE-2016-0762 | 264 | | | 2017-08-10 | 2019-04-15 | 4.3 | None | Remote | Medium | Not required | Partial | None | None |
The Realm implementations in Apache Tomcat versions 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not process the supplied password if the supplied user name did not exist. This made a timing attack possible to determine valid user names. Note that the default configuration includes the LockOutRealm which makes exploitation of this vulnerability harder. |
32562 | CVE-2016-0760 | 284 | | Exec Code | 2016-08-19 | 2016-08-22 | 6.5 | None | Remote | Low | Single system | Partial | Partial | Partial |
Multiple incomplete blacklist vulnerabilities in Apache Sentry before 1.7.0 allow remote authenticated users to execute arbitrary code via the (1) reflect, (2) reflect2, or (3) java_method Hive builtin functions. |
32563 | CVE-2016-0757 | 284 | | | 2016-04-13 | 2016-11-28 | 4.0 | None | Remote | Low | Single system | None | Partial | None |
OpenStack Image Service (Glance) before 2015.1.3 (kilo) and 11.0.x before 11.0.2 (liberty), when show_multiple_locations is enabled, allow remote authenticated users to change image status and upload new image data by removing the last location of an image. |
32564 | CVE-2016-0756 | 20 | | | 2016-01-29 | 2016-12-05 | 5.0 | None | Remote | Low | Not required | None | Partial | None |
The generate_dialback function in the mod_dialback module in Prosody before 0.9.10 does not properly separate fields when generating dialback keys, which allows remote attackers to spoof XMPP network domains via a crafted stream id and domain name that is included in the target domain as a suffix. |
32565 | CVE-2016-0755 | 287 | | | 2016-01-29 | 2018-10-16 | 5.0 | None | Remote | Low | Not required | None | Partial | None |
The ConnectionExists function in lib/url.c in libcurl before 7.47.0 does not properly re-use NTLM-authenticated proxy connections, which might allow remote attackers to authenticate as other users via a request, a similar issue to CVE-2014-0015. |
32566 | CVE-2016-0754 | 20 | | | 2016-01-29 | 2016-02-17 | 5.0 | None | Remote | Low | Not required | None | Partial | None |
cURL before 7.47.0 on Windows allows attackers to write to arbitrary files in the current working directory on a different drive via a colon in a remote file name. |
32567 | CVE-2016-0753 | 20 | | Bypass | 2016-02-15 | 2019-08-08 | 5.0 | None | Remote | Low | Not required | None | Partial | None |
Active Model in Ruby on Rails 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 supports the use of instance-level writers for class accessors, which allows remote attackers to bypass intended validation steps via crafted parameters. |
32568 | CVE-2016-0752 | 22 | | Dir. Trav. | 2016-02-15 | 2019-08-08 | 5.0 | None | Remote | Low | Not required | Partial | None | None |
Directory traversal vulnerability in Action View in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 allows remote attackers to read arbitrary files by leveraging an application's unrestricted use of the render method and providing a .. (dot dot) in a pathname. |
32569 | CVE-2016-0751 | 399 | | DoS | 2016-02-15 | 2019-08-08 | 5.0 | None | Remote | Low | Not required | None | None | Partial |
actionpack/lib/action_dispatch/http/mime_type.rb in Action Pack in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 does not properly restrict use of the MIME type cache, which allows remote attackers to cause a denial of service (memory consumption) via a crafted HTTP Accept header. |
32570 | CVE-2016-0750 | 502 | | Exec Code | 2018-09-11 | 2019-10-09 | 6.5 | None | Remote | Low | Single system | Partial | Partial | Partial |
The hotrod java client in infinispan before 9.1.0.Final automatically deserializes bytearray message contents in certain events. A malicious user could exploit this flaw by injecting a specially-crafted serialized object to attain remote code execution or conduct other attacks. |
32571 | CVE-2016-0747 | 399 | | DoS | 2016-02-15 | 2018-10-30 | 5.0 | None | Remote | Low | Not required | None | None | Partial |
The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 does not properly limit CNAME resolution, which allows remote attackers to cause a denial of service (worker process resource consumption) via vectors related to arbitrary name resolution. |
32572 | CVE-2016-0742 | | | DoS | 2016-02-15 | 2018-10-30 | 5.0 | None | Remote | Low | Not required | None | None | Partial |
The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 allows remote attackers to cause a denial of service (invalid pointer dereference and worker process crash) via a crafted UDP DNS response. |
32573 | CVE-2016-0740 | 119 | | Overflow | 2016-04-13 | 2017-06-30 | 4.3 | None | Remote | Medium | Not required | None | Partial | None |
Buffer overflow in the ImagingLibTiffDecode function in libImaging/TiffDecode.c in Pillow before 3.1.1 allows remote attackers to overwrite memory via a crafted TIFF file. |
32574 | CVE-2016-0739 | 200 | | +Info | 2016-04-13 | 2017-12-08 | 4.3 | None | Remote | Medium | Not required | Partial | None | None |
libssh before 0.7.3 improperly truncates ephemeral secrets generated for the (1) diffie-hellman-group1 and (2) diffie-hellman-group14 key exchange methods to 128 bits, which makes it easier for man-in-the-middle attackers to decrypt or intercept SSH sessions via unspecified vectors, aka a "bits/bytes confusion bug." |
32575 | CVE-2016-0738 | 399 | | DoS | 2016-01-29 | 2016-12-05 | 5.0 | None | Remote | Low | Not required | None | None | Partial |
OpenStack Object Storage (Swift) before 2.3.1 (Kilo), 2.4.x, and 2.5.x before 2.5.1 (Liberty) do not properly close server connections, which allows remote attackers to cause a denial of service (proxy-server resource consumption) via a series of interrupted requests to a Large Object URL. |
32576 | CVE-2016-0737 | 399 | | DoS | 2016-01-29 | 2016-12-02 | 5.0 | None | Remote | Low | Not required | None | None | Partial |
OpenStack Object Storage (Swift) before 2.4.0 does not properly close client connections, which allows remote attackers to cause a denial of service (proxy-server resource consumption) via a series of interrupted requests to a Large Object URL. |
32577 | CVE-2016-0736 | 310 | | | 2017-07-27 | 2018-04-24 | 5.0 | None | Remote | Low | Not required | Partial | None | None |
In Apache HTTP Server versions 2.4.0 to 2.4.23, mod_session_crypto was encrypting its data/cookie using the configured ciphers with possibly either CBC or ECB modes of operation (AES256-CBC by default), hence no selectable or builtin authenticated encryption. This made it vulnerable to padding oracle attacks, particularly with CBC. |
32578 | CVE-2016-0735 | 264 | | Bypass | 2016-04-11 | 2016-04-19 | 6.5 | None | Remote | Low | Single system | Partial | Partial | Partial |
Apache Ranger 0.5.x before 0.5.2 allows remote authenticated users to bypass intended parent resource-level access restrictions by leveraging mishandling of a resource-level exclude policy. |
32579 | CVE-2016-0734 | 254 | | | 2016-04-07 | 2017-01-19 | 4.3 | None | Remote | Medium | Not required | None | Partial | None |
The web-based administration console in Apache ActiveMQ 5.x before 5.13.2 does not send an X-Frame-Options HTTP header, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web page that contains a (1) FRAME or (2) IFRAME element. |
32580 | CVE-2016-0732 | 264 | | +Priv | 2017-09-07 | 2017-09-18 | 6.5 | None | Remote | Low | Single system | Partial | Partial | Partial |
The identity zones feature in Pivotal Cloud Foundry 208 through 229; UAA 2.0.0 through 2.7.3 and 3.0.0; UAA-Release 2 through 4, when configured with multiple identity zones; and Elastic Runtime 1.6.0 through 1.6.13 allows remote authenticated users with privileges in one zone to gain privileges and perform operations on a different zone via unspecified vectors. |
32581 | CVE-2016-0731 | 284 | | | 2016-05-18 | 2016-05-18 | 4.0 | None | Remote | Low | Single system | Partial | None | None |
The File Browser View in Apache Ambari before 2.2.1 allows remote authenticated administrators to read arbitrary files via a file: URL in the WebHDFS URL configuration. |
32582 | CVE-2016-0725 | 79 | | XSS | 2016-02-22 | 2017-09-09 | 4.3 | None | Remote | Medium | Not required | None | Partial | None |
Cross-site scripting (XSS) vulnerability in the search_pagination function in course/classes/management_renderer.php in Moodle 2.8.x before 2.8.10, 2.9.x before 2.9.4, and 3.0.x before 3.0.2 allows remote attackers to inject arbitrary web script or HTML via a crafted search string. |
32583 | CVE-2016-0724 | 264 | | +Info | 2016-02-22 | 2017-09-09 | 4.0 | None | Remote | Low | Single system | Partial | None | None |
The (1) core_enrol_get_course_enrolment_methods and (2) enrol_self_get_instance_info web services in Moodle through 2.6.11, 2.7.x before 2.7.12, 2.8.x before 2.8.10, 2.9.x before 2.9.4, and 3.0.x before 3.0.2 do not consider the moodle/course:viewhiddencourses capability, which allows remote authenticated users to obtain sensitive information via a web-service request. |
32584 | CVE-2016-0723 | 362 | | DoS +Info | 2016-02-07 | 2016-12-05 | 5.6 | None | Local | Low | Not required | Partial | None | Complete |
Race condition in the tty_ioctl function in drivers/tty/tty_io.c in the Linux kernel through 4.4.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free and system crash) by making a TIOCGETD ioctl call during processing of a TIOCSETD ioctl call. |
32585 | CVE-2016-0721 | 384 | | | 2017-04-21 | 2017-04-27 | 4.3 | None | Remote | Medium | Not required | None | Partial | None |
Session fixation vulnerability in pcsd in pcs before 0.9.157. |
32586 | CVE-2016-0720 | 352 | | CSRF | 2017-04-21 | 2017-04-27 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial |
Cross-site request forgery (CSRF) vulnerability in pcsd web UI in pcs before 0.9.149. |
32587 | CVE-2016-0715 | 200 | | +Info | 2018-09-11 | 2019-10-09 | 4.3 | None | Remote | Medium | Not required | Partial | None | None |
Pivotal Cloud Foundry Elastic Runtime version 1.4.0 through 1.4.5, 1.5.0 through 1.5.11 and 1.6.0 through 1.6.11 is vulnerable to a remote information disclosure. It was found that original mitigation configuration instructions provided as part of CVE-2016-0708 were incomplete and could leave PHP Buildpack, Staticfile Buildpack and potentially other custom Buildpack applications vulnerable to remote information disclosure. Affected applications use automated buildpack detection, serve files directly from the root of the application and have a buildpack that matched after the Java Buildpack in the system buildpack priority when Java Buildpack versions 2.0 through 3.4 were present. |
32588 | CVE-2016-0714 | 264 | | Exec Code Bypass | 2016-02-24 | 2019-04-15 | 6.5 | None | Remote | Low | Single system | Partial | Partial | Partial |
The session-persistence implementation in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 mishandles session attributes, which allows remote authenticated users to bypass intended SecurityManager restrictions and execute arbitrary code in a privileged context via a web application that places a crafted object in a session. |
32589 | CVE-2016-0713 | 79 | | XSS | 2017-08-31 | 2017-09-05 | 2.6 | None | Remote | High | Not required | None | Partial | None |
Gorouter in Cloud Foundry cf-release v141 through v228 allows man-in-the-middle attackers to conduct cross-site scripting (XSS) attacks via vectors related to modified requests. |
32590 | CVE-2016-0712 | 79 | | XSS | 2016-04-11 | 2016-04-20 | 4.3 | None | Remote | Medium | Not required | None | Partial | None |
Cross-site scripting (XSS) vulnerability in Apache Jetspeed before 2.3.1 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to portal. |
32591 | CVE-2016-0711 | 79 | | XSS | 2016-04-11 | 2016-04-20 | 4.3 | None | Remote | Medium | Not required | None | Partial | None |
Multiple cross-site scripting (XSS) vulnerabilities in Apache Jetspeed before 2.3.1 allow remote attackers to inject arbitrary web script or HTML via the title parameter when adding a (1) link, (2) page, or (3) folder resource. |
32592 | CVE-2016-0708 | 200 | | +Info | 2018-07-11 | 2018-09-11 | 4.3 | None | Remote | Medium | Not required | Partial | None | None |
Applications deployed to Cloud Foundry, versions v166 through v227, may be vulnerable to a remote disclosure of information, including, but not limited to environment variables and bound service details. For applications to be vulnerable, they must have been staged using automatic buildpack detection, passed through the Java Buildpack detection script, and allow the serving of static content from within the deployed artifact. The default Apache Tomcat configuration in the affected java buildpack versions for some basic web application archive (WAR) packaged applications are vulnerable to this issue. |
32593 | CVE-2016-0707 | 264 | | +Info | 2016-05-18 | 2016-05-18 | 2.1 | None | Local | Low | Not required | Partial | None | None |
The agent in Apache Ambari before 2.1.2 uses weak permissions for the (1) /var/lib/ambari-agent/data and (2) /var/lib/ambari-agent/keys directories, which allows local users to obtain sensitive information by reading files in the directories. |
32594 | CVE-2016-0706 | 200 | | Bypass +Info | 2016-02-24 | 2019-04-15 | 4.0 | None | Remote | Low | Single system | Partial | None | None |
Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 does not place org.apache.catalina.manager.StatusManagerServlet on the org/apache/catalina/core/RestrictedServlets.properties list, which allows remote authenticated users to bypass intended SecurityManager restrictions and read arbitrary HTTP requests, and consequently discover session ID values, via a crafted web application. |
32595 | CVE-2016-0704 | 200 | | +Info | 2016-03-02 | 2018-01-18 | 4.3 | None | Remote | Medium | Not required | Partial | None | None |
An oracle protection mechanism in the get_client_master_key function in s2_srvr.c in the SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a overwrites incorrect MASTER-KEY bytes during use of export cipher suites, which makes it easier for remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, a related issue to CVE-2016-0800. |
32596 | CVE-2016-0703 | 200 | | +Info | 2016-03-02 | 2018-01-18 | 4.3 | None | Remote | Medium | Not required | Partial | None | None |
The get_client_master_key function in s2_srvr.c in the SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a accepts a nonzero CLIENT-MASTER-KEY CLEAR-KEY-LENGTH value for an arbitrary cipher, which allows man-in-the-middle attackers to determine the MASTER-KEY value and decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, a related issue to CVE-2016-0800. |
32597 | CVE-2016-0702 | 200 | | +Info | 2016-03-03 | 2018-01-04 | 1.9 | None | Local | Medium | Not required | Partial | None | None |
The MOD_EXP_CTIME_COPY_FROM_PREBUF function in crypto/bn/bn_exp.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g does not properly consider cache-bank access times during modular exponentiation, which makes it easier for local users to discover RSA keys by running a crafted application on the same Intel Sandy Bridge CPU core as a victim and leveraging cache-bank conflicts, aka a "CacheBleed" attack. |
32598 | CVE-2016-0701 | 200 | | +Info | 2016-02-14 | 2017-12-12 | 2.6 | None | Remote | High | Not required | Partial | None | None |
The DH_check_pub_key function in crypto/dh/dh_check.c in OpenSSL 1.0.2 before 1.0.2f does not ensure that prime numbers are appropriate for Diffie-Hellman (DH) key exchange, which makes it easier for remote attackers to discover a private DH exponent by making multiple handshakes with a peer that chose an inappropriate number, as demonstrated by a number in an X9.42 file. |
32599 | CVE-2016-0700 | | | | 2016-04-21 | 2018-10-30 | 4.3 | None | Remote | Medium | Not required | None | Partial | None |
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality and integrity via vectors related to Console, a different vulnerability than CVE-2016-0675. |
32600 | CVE-2016-0698 | | | | 2016-04-21 | 2016-12-02 | 4.3 | None | Remote | Medium | Not required | None | Partial | None |
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote authenticated users to affect confidentiality and integrity via vectors related to Rich Text Editor, a different vulnerability than CVE-2016-3423. |